In Depth

Dual Threats: How to Build Expertise, Certifications in Multiple Subjects

Four professionals discuss the value of MBAs, CFAs and other certifications and degrees from beyond the security field. Should you become a 'dual threat'?

By Lauren Gibbons Paul

June 18, 2008 — The strands that weave together to form the fabric of a satisfying career are often rich and varied. Even threads that appear out of place join to form a cohesive tapestry. This is especially true in security, which (despite its ancient roots) is, in many respects, a new field.

Some CSOs arrive at their posts after following educational paths or early work experiences that appear to contrast with their current profession. Some pursue multiple certifications or complementary degrees to build their knowledge. And this development of multiple areas of expertise can turbocharge a security professional.

Marc Fidanza is a good example of the phenomenon. Fidanza earned a degree in business and accounting as well as a CPA before he got involved in security—almost by accident—in the early days of the profession. Now director of security for Takeda Pharmaceuticals North America in Chicago, he worked in internal audit for American Airlines right out of college. When the airline's audit division was broken up into different groups, Fidanza found himself working on fraud cases involving frequent flyer miles. That was the beginning of his love affair with security.

"It worked well because they had a gap on their team from a financial accounting standpoint. That was a skill set they didn't have," he says. "I was given the opportunity to demonstrate my value. [Having the CPA] definitely opened some doors for me to be placed on the security staff permanently." But the biggest benefit of his background is built-in credibility with the people to whom he has presented plans or budgets. "They are typically very savvy people so it has helped me articulate the security value proposition," he says.

Because the field is evolving and widening in scope, having a diverse background—whether educational or experiential—stands a CSO in good stead. The dizzying array of risks today demands a holistic approach to security, and that meshes well with a CSO who has wide-ranging educational or professional experience.

MBAs Need Apply
David Kent, for example, aspired to be chief of police in a small town like the one in which he grew up, so he earned an undergraduate degree in criminal justice. Upon graduation, he found there were not many places that needed a sheriff. Working for a small defense contractor in the late 1980s, he started to develop an interest in information security.